Earlier this year, the organization US-CERT has released a notice that said that there were in the public domain recursive DNS- servers that are actively used to amplification the attack DNS (DNS amplification attack), a very effective method of DDoS-attacks .
Often the problem is incorrect configuration of domain name servers , which allows an attacker to send DNS- query in which the source address is replaced by the address of the victim . When the DNS- server sends a response , it contains the address of the victim. A huge number of these false requests causes the final denial of service .
Perhaps some system administrators in the United States have taken a serious threat to their own servers and reconfigured in such a way as to prevent further break-ins , but this method of attack remains popular, not only in the West.
Webroot's Expert Dancho Danchev wrote in a company blog that the hackers at specialized forums, engages in the sale and purchase of PHP- script , with which , using ready- compromised servers can perform DDoS-attacks .
"Currently, the PHP script supports four types of DDoS attack tactics, namely DNS amplification, spoofed SYN, spoofed UDP, and HTTP proxy support. The script also acts as a centralized command and control management interface for all the servers where it has been (secretly) installed on," - said the expert.
Price scenario is now $ 800, but the researcher notes that when it comes out of the early stages of development , developers will increase the price. Danchev does not know whether this scenario is applied in practice, but he am sure that in time he will find his victims.
Danchev's notification can be found here.
No comments:
Post a Comment